diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java b/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java index 46e9844..42f3d71 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java @@ -19,6 +19,7 @@ import com.ningdatech.pmapi.sys.model.dto.RoleUpdateDTO; import com.ningdatech.pmapi.sys.model.entity.*; import com.ningdatech.pmapi.sys.service.*; import com.ningdatech.pmapi.sys.utils.AuthCacheKeyUtils; +import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; @@ -46,6 +47,7 @@ public class RoleServiceImpl extends ServiceImpl implements IR private final CachePlusOps cachePlusOps; private final IRoleMenuService roleMenuService; private final IMenuService menuService; + private final UserAuthLoginManage userAuthLoginManage; /** * 删除角色时,需要级联删除跟角色相关的一切资源: @@ -155,7 +157,10 @@ public class RoleServiceImpl extends ServiceImpl implements IR saveRoleMenu(data.getMenuIds(), role.getId()); saveRoleMenuDatascope(data.getMenuDataScopeList(), role.getId()); List userIdList = userRoleService.listUserIdByRoleId(role.getId()); - userIdList.forEach(w -> cachePlusOps.del(AuthCacheKeyUtils.userResourceCacheKey(w))); + userIdList.forEach(w -> { + cachePlusOps.del(AuthCacheKeyUtils.userResourceCacheKey(w)); + userAuthLoginManage.refreshSession(w); + }); } @Override diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java index 66d94d3..bedf486 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java @@ -3,6 +3,7 @@ package com.ningdatech.pmapi.user.manage; import cn.hutool.core.collection.CollectionUtil; import com.baomidou.mybatisplus.core.toolkit.StringUtils; import com.baomidou.mybatisplus.core.toolkit.Wrappers; +import com.ningdatech.pmapi.common.util.StrUtils; import com.ningdatech.pmapi.organization.model.entity.DingEmployeeInfo; import com.ningdatech.pmapi.organization.model.entity.DingOrganization; import com.ningdatech.pmapi.organization.service.IDingEmployeeInfoService; @@ -11,11 +12,17 @@ import com.ningdatech.pmapi.sys.model.entity.Role; import com.ningdatech.pmapi.sys.model.entity.UserRole; import com.ningdatech.pmapi.sys.service.IRoleService; import com.ningdatech.pmapi.sys.service.IUserRoleService; +import com.ningdatech.pmapi.user.convert.UserInfoConvertor; import com.ningdatech.pmapi.user.entity.UserInfo; +import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthToken; import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; -import com.ningdatech.pmapi.user.service.IUserAuthService; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; import com.ningdatech.pmapi.user.service.IUserInfoService; import lombok.RequiredArgsConstructor; +import org.springframework.security.core.context.SecurityContextImpl; +import org.springframework.session.Session; +import org.springframework.session.SessionRepository; +import org.springframework.session.data.redis.RedisIndexedSessionRepository; import org.springframework.stereotype.Component; import java.util.ArrayList; @@ -32,13 +39,12 @@ import java.util.stream.Collectors; @RequiredArgsConstructor public class UserAuthLoginManage { - private final IUserAuthService iUserAuthService; private final IUserInfoService iUserInfoService; private final IRoleService iRoleService; private final IDingOrganizationService iDingOrganizationService; private final IDingEmployeeInfoService iDingEmployeeInfoService; private final IUserRoleService iUserRoleService; - + private final RedisIndexedSessionRepository redisIndexedSessionRepository; /** * 根据用户id 获取用户全量信息 @@ -186,4 +192,47 @@ public class UserAuthLoginManage { userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } + + @SuppressWarnings({"rawtypes", "unchecked"}) + public void refreshSession(Long userId) { + UserFullInfoDTO userFullInfo = getUserFullInfo(userId); + List sessionIds = getSessionIds(userFullInfo); + if (sessionIds.isEmpty()) { + return; + } + SessionRepository redisSessionRepository = redisIndexedSessionRepository; + UserInfoDetails details = UserInfoConvertor.toUserInfoDetails(userFullInfo); + CredentialAuthToken cat = new CredentialAuthToken(details, details.getPassword(), details.getAuthorities()); + sessionIds.forEach(sessionId -> { + Session session = redisIndexedSessionRepository.findById(sessionId); + SecurityContextImpl context = session.getAttribute("SPRING_SECURITY_CONTEXT"); + context.setAuthentication(cat); + session.setAttribute("SPRING_SECURITY_CONTEXT", context); + redisSessionRepository.save(session); + }); + } + + private List getSessionIds(UserFullInfoDTO userFullInfo) { + List sessionIds = new ArrayList<>(); + String identifier = userFullInfo.getIdentifier(); + if (StrUtils.isNotBlank(identifier)) { + sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(identifier).keySet()); + } + String mobile = userFullInfo.getMobile(); + if (StrUtils.isNotBlank(mobile)) { + sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(mobile).keySet()); + } + Long accountId = userFullInfo.getAccountId(); + if (accountId != null) { + sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(accountId.toString()).keySet()); + } + return sessionIds; + } + + public void kickOff(Long userId) { + UserFullInfoDTO userFullInfo = getUserFullInfo(userId); + List sessionIds = getSessionIds(userFullInfo); + sessionIds.forEach(redisIndexedSessionRepository::deleteById); + } + } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java index 2d26866..0cd3b9f 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java @@ -10,7 +10,6 @@ import com.ningdatech.basic.model.PageVo; import com.ningdatech.pmapi.common.constant.RegionConst; import com.ningdatech.pmapi.common.helper.RegionCacheHelper; import com.ningdatech.pmapi.common.helper.UserInfoHelper; -import com.ningdatech.pmapi.common.util.BizUtils; import com.ningdatech.pmapi.organization.model.entity.DingEmployeeInfo; import com.ningdatech.pmapi.organization.model.entity.DingOrganization; import com.ningdatech.pmapi.organization.service.IDingEmployeeInfoService; @@ -20,7 +19,6 @@ import com.ningdatech.pmapi.sys.model.entity.UserRole; import com.ningdatech.pmapi.sys.service.IRoleService; import com.ningdatech.pmapi.sys.service.IUserRoleService; import com.ningdatech.pmapi.user.constant.UserAvailableEnum; -import com.ningdatech.pmapi.user.convert.UserInfoConvertor; import com.ningdatech.pmapi.user.entity.UserInfo; import com.ningdatech.pmapi.user.model.po.ReqUserDetailEditPO; import com.ningdatech.pmapi.user.model.po.ReqUserDetailPO; @@ -29,17 +27,11 @@ import com.ningdatech.pmapi.user.model.po.ReqUserInfoListPO; import com.ningdatech.pmapi.user.model.vo.ResUserDetailVO; import com.ningdatech.pmapi.user.model.vo.ResUserInfoListVO; import com.ningdatech.pmapi.user.model.vo.UserRoleVO; -import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthToken; import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; -import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; import com.ningdatech.pmapi.user.service.IUserInfoService; import com.ningdatech.pmapi.user.util.LoginUserUtil; import com.wflow.workflow.bean.dto.ProcessInstanceUserDto; import lombok.RequiredArgsConstructor; -import org.springframework.security.core.context.SecurityContextImpl; -import org.springframework.session.Session; -import org.springframework.session.SessionRepository; -import org.springframework.session.data.redis.RedisIndexedSessionRepository; import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; @@ -61,7 +53,6 @@ public class UserInfoManage { private final IUserRoleService iUserRoleService; private final IRoleService iRoleService; private final UserInfoHelper userInfoHelper; - private final RedisIndexedSessionRepository redisIndexedSessionRepository; private final RegionCacheHelper regionCacheHelper; private final UserAuthLoginManage userAuthLoginManage; @@ -268,6 +259,10 @@ public class UserInfoManage { UserInfo userInfo = iUserInfoService.getById(userId); userInfo.setAvailable(reqUserDisableOrEnablePO.getOperation()); iUserInfoService.updateById(userInfo); + if (userInfo.getAvailable().equals("DISABLE")) { + userAuthLoginManage.kickOff(userId); + } + } public ResUserDetailVO userInfoDetail(ReqUserDetailPO reqUserDetailPO) { @@ -341,7 +336,7 @@ public class UserInfoManage { iUserRoleService.saveBatch(userRoleList); } // 刷新用户权限 - refreshSession(userId); + userAuthLoginManage.refreshSession(userId); } /** @@ -502,25 +497,4 @@ public class UserInfoManage { return processInstanceUserDto; } - public void refreshSession(Long userId) { - UserFullInfoDTO ufi = userAuthLoginManage.getUserFullInfo(userId); - List sessionIds = new ArrayList<>(); - BizUtils.notNull(ufi.getIdentifier(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w).keySet())); - BizUtils.notNull(ufi.getMobile(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w).keySet())); - BizUtils.notNull(ufi.getAccountId(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w.toString()).keySet())); - if (sessionIds.isEmpty()) { - return; - } - SessionRepository redisSessionRepository = redisIndexedSessionRepository; - UserInfoDetails details = UserInfoConvertor.toUserInfoDetails(ufi); - CredentialAuthToken cat = new CredentialAuthToken(details, details.getPassword(), details.getAuthorities()); - sessionIds.forEach(sessionId -> { - Session session = redisIndexedSessionRepository.findById(sessionId); - SecurityContextImpl context = session.getAttribute("SPRING_SECURITY_CONTEXT"); - context.setAuthentication(cat); - session.setAttribute("SPRING_SECURITY_CONTEXT", context); - redisSessionRepository.save(session); - }); - } - }